News & Blog

Malta’s leading bank resumes operations after cyberheist-induced shutdown

Bank of Valetta, which went dark for a day after the fraudulent transfers of €13 million, is now looking to get the money back

Things are going back to normal for Bank of Valetta (BOV) and its customers following a cyberattack that caused Malta’s largest bank to take the unprecedented step of temporarily shutting down all its services.

On Wednesday morning, BOV found out that unknown attackers had made fraudulent transactions from the bank to financial services providers in the United States, the United Kingdom, the Czech Republic, and Hong Kong. The heist, of around €13 million (US$14.6 million), even prompted a reaction from Malta’s Prime Minister Joseph Muscat, who said that customer funds were not touched and, indeed, were never in danger.

The theft came to light “during reconciliation of international transactions when discrepancies in eleven payments were noticed”, wrote The Times of Malta. Shortly thereafter, BOV was alerted by the country’s Security Service that the bank had been targeted by a cyberattack originating from outside the Mediterranean island.

It has been reported that, within 30 minutes after learning that something was amiss, the bank suspended its services and began to work on retrieving the funds. Naturally, the incident also prompted what the bank has called “rigorous overnight testing” of its IT systems. With the tests deemed successful, the bank restored most of its systems and services on Thursday, as well as its website and mobile app, and re-opened office branches and ATMs.

According to Reuters, the bank has also yet to determine where the intrusion came from and how it happened. Besides other unknowns surrounding the attack, another question has yet to be answered: Where’s the money and, indeed, will it be retrieved?

In their latest coverage, local media quote the bank’s chief business development officer Kenneth Farrugia as implying that while the money has been traced, its recovery is a different thing altogether.

“We know where the money went and into which banks but what happened at that touchpoint we do not have the visibility to know,” said Farrugia for The Times of Malta. “It’s not simply a matter of asking the banks for the money to be reversed. It does not work like that and there are banking procedures that have to be implemented,” he added, without shedding light on whether all the money will, or even can, actually be retrieved.

Per Reuters, BOV accounts for nearly one-half of Malta’s banking transactions. Most shares in the financial services provider, which is also Malta’s oldest, are held by the country’s government.

Bank jobs

Cyberheists are nothing new, of course, and we have previously written about thefts targeting banks in Bangladesh, India and Russia, and Mexico. In 2016, ESET researchers Anton Cherepanov and Jean-Ian Boutin wrote a paper about attacks at Russian financial institutions while, in 2018, ESET researcher Miguel Ángel Mendoza weighed in on the theft in Mexico.

We also wrote last year about how US banks are preparing for a scenario involving a particularly devastating cyber-intrusion.

15 Feb 2019 – 02:29PM

This story was originally published on We Live Security by Eset

Ad code 'slows down' browsing speeds

Ads are responsible for making webpages slow to a crawl, suggests analysis of the most popular one million websites.

The research by developer Patrick Hulce looked at which chunks of code take longest to load.

About 60% of the total loading time of a page was caused by scripts that place adverts or analyse what users do, he found.

But using ad-blockers may not be the best way to avoid delays and speed up the loading of webpages, he said.

Bad blocks

Mr Hulce gathered data from both desktop and mobile versions of popular sites on which he sampled programs written in the Javascript language. This is typically used by developers to make sites interactive and also helps them display ads or log what users click on.

He found that the Javascript code helping Google place ads on pages and analyse user activity bestowed the longest delays on visitors. The Javascript behind Google ads and its analytics system were found on the largest number of sites in the million sampled, Mr Hulce told The Register news site.

If used together on a site, these can add more than two-thirds of a second to loading times, he found.

There were some ad-serving scripts written in Javascript that imposed longer delays, but these were used on a much smaller proportion of sites, the analysis found.

The worst offender was the WordAds script for WordPress blogs that, all by itself, can delay the arrival of an entire page by up to 2.5 seconds.

Not all delays were down to ads and analytics, said Mr Hulce. Other factors such as network delays and big file sizes for some content could also contribute to slow loading times.

In addition, he said, greater use of ad-blocking programs may not always improve browsing speeds.

Ad-blockers can end up “triggering convoluted workaround logic and complex disguising of ads that increase script execution time”, he told The Register.

This story was originally published on BBC Technology News

Mobile networks call for 5G security inspector

The mobile network industry has called for a new European security testing scheme to check the safety of 5G equipment before it is deployed.

Several countries have stopped individual companies supplying equipment for their next-generation networks, citing security concerns.

Chinese giants Huawei and ZTE have both faced intense scrutiny.

The GSMA, which represents 800 network operators, said a testing scheme would reduce the need to ban suppliers.

Australia, New Zealand, and the United States have already barred Huawei from supplying equipment for their future 5G networks.

Meanwhile, Canada is carrying out a security review of Huawei’s products and UK service provider BT is removing Huawei kit from the core of its 5G network.

Many countries fear that the Chinese government is using Huawei as a proxy so it can spy on rival nations and scoop up useful information.

Huawei has said it is independent and gives nothing to the country’s government, apart from relevant taxes. But critics question how free any major Chinese business can be from Beijing’s influence.

The GSMA is concerned that banning suppliers will cause delays to 5G rollout and increase costs.

“Such significant consequences, intended or not, are entirely avoidable,” it said in a statement.

It intends to put together a task force of European mobile networks to identify ways that equipment testing could be enhanced.

The UK’s communications agency GCHQ already has a task force dedicated to inspecting Huawei equipment.

The last report GCHQ produced said it found “shortcomings” in products that meant it could only give “limited assurance” that the firm posed no threat.

The GSMA said governments should work with mobile operators to agree on a standardised testing scheme across Europe to “ensure confidence in network security”.

Huawei said it was “committed to working globally with everyone involved in network security”.

Deutsche Telekom said it welcomed the move. Spain’s Telefonica, which owns the UK network O2, said it agreed with the GSMA’s stance.

Huawei is itself an associate member of the GSMA and is typically one of the biggest exhibitors at the GSMA’s Mobile World Congress show in Barcelona.

This story was originally published on BBC Technology News